Esempio n. 1
0
        public async Task <AuthorizationDto> GetAuthorizationAsync(string email, string password, string authenticationType, CancellationToken ct)
        {
            var notracking = _context.Users.AsQueryable().AsNoTracking();

            var user = await notracking.FirstOrDefaultAsync(p => p.Email == email, ct);

            if (user is null)
            {
                throw new ServiceException("Incorrect login or password.");
            }
            // TODO add PasswordHasher
            if (user.Password != password)
            {
                throw new ServiceException("Incorrect login or password.");
            }
            if (!user.IsActivated)
            {
                throw new ServiceException($"User {email} is not confirmed.");
            }

            var jit = Guid.NewGuid().ToString();

            var(accessToken, expires) = CreateAccessToken(user, jit);
            var claimsPrincipal = CreateClaimsPrincipal(user, jit, authenticationType);
            var authorization   = new AuthorizationDto()
            {
                AccessToken     = accessToken,
                ClaimsPrincipal = claimsPrincipal,
                ExpirationIn    = expires
            };

            _logger.LogInformation(LoggingEvents.GetItem, "User login {email}.", email);

            return(authorization);
        }
Esempio n. 2
0
        public async Task <AuthorizationDto> RegistrationConfirmAsync(Guid activationToken, string authenticationType, CancellationToken ct)
        {
            using (_logger.BeginScope("Registration confirm scope")) {
                var key   = activationToken.ToString();
                var email = await _cache.GetStringAsync(key, ct);

                if (email is null)
                {
                    throw new ServiceNotFoundException("Activation token expired or incorrect.");
                }

                var tracking = _context.Users.AsQueryable();
                var user     = await tracking.FirstOrDefaultAsync(p => p.Email == email, ct);

                if (user is null)
                {
                    _logger.LogError(LoggingEvents.UnknownError, "Can't find user by activation token {activationToken}.", activationToken);
                    throw new ServiceException("Please, register again.");
                }
                if (user.IsActivated)
                {
                    throw new ServiceException($"User {user.Id} has been activated.");
                }

                user.IsActivated = true;
                user.UpdatedAt   = DateTime.UtcNow;

                await _context.SaveChangesAsync(ct);

                var jit = Guid.NewGuid().ToString();
                var(accessToken, expires) = CreateAccessToken(user, jit);
                var claimsPrincipal = CreateClaimsPrincipal(user, jit, authenticationType);
                var authorization   = new AuthorizationDto()
                {
                    AccessToken     = accessToken,
                    ClaimsPrincipal = claimsPrincipal,
                    ExpirationIn    = expires
                };

                await _cache.RemoveAsync(key, ct);

                _logger.LogInformation(LoggingEvents.UpdateItem, "Register user {id} success.", user.Id);

                return(authorization);
            }
        }